package com.gitee.sop.layui.adminserver.frameword.init.bo;

import com.gitee.sop.layui.adminserver.entrance.bo.ServiceContext;
import com.gitee.sop.layui.adminserver.module.background.admin.entity.SysApplication;
import com.gitee.sop.layui.adminserver.module.background.admin.entity.SysUser;
import com.gitee.sop.layui.adminserver.module.background.admin.service.SysUserService;
import com.gitee.sop.layui.adminserver.plugins.shiro.AbstractRealm;
import com.gitee.sop.layui.adminserver.plugins.shiro.LoginTypeToken;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import java.util.List;
import java.util.Set;

/**
 * 管理员授权处理
 *
 * @author: huwei
 * @date: 2019/9/18 15:00
 * @version: 1.0.0
 */
@Service
public class AdminRealm extends AbstractRealm {
    @Lazy
    @Resource
    private SysUserService sysUserService;

    public AdminRealm() {
        super();
    }

    @Override
    protected UserInfo getUserInfo(AuthenticationToken token) {
        LoginTypeToken loginTypeToken = (LoginTypeToken) token;
        //系统管理员
        SysUser sysUser = sysUserService.getOneByUsername(loginTypeToken.getUsername());
        boolean isExistUser = sysUser != null;
        boolean isLocked = isExistUser && sysUser.getStatus() != 0;
        String message = null;
        //查询主账户是否被禁用
        if (isExistUser && !isLocked) {
            int count = sysUserService.getDisableMasterUserCount(sysUser.getUuid());
            if (count > 0) {
                isLocked = true;
                message = "主账户已被锁定";
            }
        }
        SimpleAuthenticationInfo simpleAuthenticationInfo = isExistUser ? new SimpleAuthenticationInfo(sysUser, sysUser.getPassword(), getName()) : null;
        return new UserInfo(isExistUser, isLocked, message, simpleAuthenticationInfo);
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        if (SysUser.class.isAssignableFrom(principals.getPrimaryPrincipal().getClass())) {
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            //管理员
            SysUser sysUser = (SysUser) principals.getPrimaryPrincipal();
            //获取功能角色列表，进行功能匹配
            List<String> roles = sysUserService.getFunctionRoleListByUuid(sysUser.getUuid());
            authorizationInfo.addRoles(roles);


            //权限添加
            SysApplication cur = ServiceContext.me().getCurrentApplication();
            Set<String> urls = sysUserService.getPermissionUrls(cur.getAppId(), sysUser.getUuid());
            authorizationInfo.addStringPermissions(urls);
            return authorizationInfo;
        }
        return null;
    }
}
